Application Security

March 28, 2019
Using CSPs to Reduce Front-End Attack Vectors

What is a CSP? CSP is an acronym for Content Security Policy. It can be used as a white-list of...

March 13, 2019
XXE Vulnerability in BlackBerry AtHoc (Networked Crisis Communication) Platform

Recently I had the opportunity to test an installation of AtHoc – BlackBerry’s emergency notification system. During the course of...

December 6, 2018
REST Assured: Penetration Testing REST APIs Using Burp Suite: Part 3 – Reporting

Welcome back to the REST Assured blog series for Part 3: Reporting. While often overlooked by security professionals, compiling reports...

November 14, 2018
REST Assured: Penetration Testing REST APIs Using Burp Suite: Part 1 – Introduction & Configuration

Introduction: Hello and welcome to our 3-part blog series where we will take a dive into the technical aspects of...

April 3, 2018
CloudFront Hijacking

I recently spent some time exploring the issue of CloudFront domain hijacking. This is not a new issue but I...

November 24, 2016
Stop By Booth 118 @ AWS re:Invent and Speak to Our Team of Cybersecurity Experts

November 7, 2016
Voter Privacy vs. the Security of the Electronic Voting System

As technology continues to permeate every facet of life, individuals are continuously faced with decisions that test the balance between...

August 5, 2016
Hacking Hillary: Recent Breaches against Democratic Political Groups

A recent leak of thousands of Democratic National Committee emails cast a long shadow over the Democratic Convention in Philadelphia...

March 14, 2016
Electronic Voting for the 21st Century

With the election year ahead it behooves us to take a look at the security of our voting systems and...

October 5, 2015
The AWS Shared Responsibility Model: Part 1 – Security in the Cloud

Cloud Service Providers (CSP) offer a range of infrastructure, platforms, and software for customers to consume. Whether you are looking...

June 23, 2015
Choosing a 3PAO: FedRAMP, Cybersecurity & Cloud Expertise are Vital

As a direct result of the Cloud First policy, the Federal Government is spending more time, money, and effort on...

March 23, 2015
Information Security & Personal Responsibility

Grab the presentation here. Back in November, I had the privilege of being asked to speak to some students in...
